Glossary

ISO 42001

The AI-specific extension of ISO 27001, a management system standard for organizations that build or operate AI systems. The compliance signal that separates serious AI vendors in 2026.

ISO 42001 is the AI-specific cousin of 27001. Where 27001 is about information security broadly, 42001 is about the management practices a vendor needs when AI is part of the product, model governance, training data oversight, output validation, bias monitoring, lifecycle management.

It is new (published 2023) and uncommon (few vendors are certified yet in 2026). The compliance signal it carries is correspondingly high, a vendor with 42001 is making a deliberate statement that AI is a first-class concern in their security posture, not an afterthought.

For an SME buyer the practical question is whether the vendor is on a serious path toward 42001, with target dates and an external auditor engaged. A vendor that has not heard of 42001 has not done the work.

How Vorel does this

Vorel's ISO 42001 certification is in progress, expected Q1 2027, with auditors engaged.

The next call doesn’t have to go to voicemail.

Book a thirty-minute demo. We point Vorel at one of your real numbers on the same call.